const express = require('express');
const router = express.Router();
const mongoose = require('mongoose');
// import m from "../models/EmailCode";
import mUser from '../models/User';
import _ from 'lodash';
import { Request, Response } from 'express';
import { NextFunction } from 'express-serve-static-core';

import utils from '../utils';

const moment = require('moment');

import { isEmail, isPhone, phoneCode, isDebug, emailCode } from '../config';

// 临时密钥计算样例

const http = require('http');
const crypto = require('crypto');
const request = require('request');

router.get('/auth', (req: Request, res: Response, next: NextFunction) => {
  // 配置参数
  const config = {
    Url: 'https://sts.api.qcloud.com/v2/index.php',
    Domain: 'sts.api.qcloud.com',
    Proxy: '',
    SecretId: 'AKIDCE1jDWXQ1MRGrCKkkW4PUKuDG5exIoM1', // 固定密钥
    SecretKey: 'c1B57vUpujIdiX6PTIrHUSCj15uVrzsY', // 固定密钥
    Bucket: 'shop-1251666674',
    Region: 'ap-beijing-1',
    AllowPrefix: '*', // 这里改成允许的路径前缀，这里可以根据自己网站的用户登录态判断允许上传的目录，例子：* 或者 a/* 或者 a.jpg
  };

  const util = {
    // 获取随机数
    getRandom: function(min: any, max: any) {
      return Math.round(Math.random() * (max - min) + min);
    },
    // obj 转 query string
    json2str: function(obj: any) {
      const arr: any[] = [];
      Object.keys(obj)
        .sort()
        .forEach(function(item) {
          const val = obj[item] || '';
          arr.push(item + '=' + val);
        });
      return arr.join('&');
    },
    // 计算签名
    getSignature: function(opt: any, key: string, method: any) {
      const formatString = method + config.Domain + '/v2/index.php?' + util.json2str(opt);
      const hmac = crypto.createHmac('sha1', key);
      const sign = hmac.update(new Buffer(formatString, 'utf8')).digest('base64');
      return sign;
    },
  };

  // 拼接获取临时密钥的参数
  const getTempKeys = function(callback: Function) {
    // 判断是否修改了 AllowPrefix
    if (config.AllowPrefix === '_ALLOW_DIR_/*') {
      callback({ error: '请修改 AllowPrefix 配置项，指定允许上传的路径前缀' });
      return;
    }

    // 定义绑定临时密钥的权限策略
    const ShortBucketName = config.Bucket.substr(0, config.Bucket.lastIndexOf('-'));
    const AppId = config.Bucket.substr(1 + config.Bucket.lastIndexOf('-'));
    const policy = {
      version: '2.0',
      statement: [
        {
          action: [
            // 这里可以从临时密钥的权限上控制前端允许的操作
            'name/cos:*', // 这样写可以包含下面所有权限

            // // 列出所有允许的操作
            // // ACL 读写
            // 'name/cos:GetBucketACL',
            // 'name/cos:PutBucketACL',
            // 'name/cos:GetObjectACL',
            // 'name/cos:PutObjectACL',
            // // 简单 Bucket 操作
            // 'name/cos:PutBucket',
            // 'name/cos:HeadBucket',
            // 'name/cos:GetBucket',
            // 'name/cos:DeleteBucket',
            // 'name/cos:GetBucketLocation',
            // // Versioning
            // 'name/cos:PutBucketVersioning',
            // 'name/cos:GetBucketVersioning',
            // // CORS
            // 'name/cos:PutBucketCORS',
            // 'name/cos:GetBucketCORS',
            // 'name/cos:DeleteBucketCORS',
            // // Lifecycle
            // 'name/cos:PutBucketLifecycle',
            // 'name/cos:GetBucketLifecycle',
            // 'name/cos:DeleteBucketLifecycle',
            // // Replication
            // 'name/cos:PutBucketReplication',
            // 'name/cos:GetBucketReplication',
            // 'name/cos:DeleteBucketReplication',
            // // 删除文件
            // 'name/cos:DeleteMultipleObject',
            // 'name/cos:DeleteObject',
            // 简单文件操作
            // 'name/cos:PutObject',
            // 'name/cos:PostObject',
            // 'name/cos:AppendObject',
            // 'name/cos:GetObject',
            // 'name/cos:HeadObject',
            // 'name/cos:OptionsObject',
            // 'name/cos:PutObjectCopy',
            // 'name/cos:PostObjectRestore',
            // 'name/cos:sliceCopyFile',
            // 分片上传操作
            // 'name/cos:InitiateMultipartUpload',
            // 'name/cos:ListMultipartUploads',
            // 'name/cos:ListParts',
            // 'name/cos:UploadPart',
            // 'name/cos:CompleteMultipartUpload',
            // 'name/cos:AbortMultipartUpload',
          ],
          effect: 'allow',
          principal: { qcs: ['*'] },
          resource: [
            'qcs::cos:' + config.Region + ':uid/' + AppId + ':prefix//' + AppId + '/' + ShortBucketName + '/',
            'qcs::cos:' + config.Region + ':uid/' + AppId + ':prefix//' + AppId + '/' + ShortBucketName + '/' + config.AllowPrefix,
          ],
        },
      ],
    };

    const policyStr = JSON.stringify(policy);

    const Action = 'GetFederationToken';
    const Nonce = util.getRandom(10000, 20000);
    const Timestamp = parseInt(String(+new Date() / 1000));
    const Method = 'GET';

    const params = {
      Action: Action,
      Nonce: Nonce,
      Region: '',
      SecretId: config.SecretId,
      Timestamp: Timestamp,
      durationSeconds: 7200,
      name: '',
      policy: policyStr,
      Signature: '',
    };
    params.Signature = encodeURIComponent(util.getSignature(params, config.SecretKey, Method));

    const opt = {
      method: Method,
      url: config.Url + '?' + util.json2str(params),
      rejectUnauthorized: false,
      headers: {
        Host: config.Domain,
      },
      proxy: config.Proxy || '',
    };
    request(opt, function(err: any, response: any, body: any) {
      body = body && JSON.parse(body);
      if (body.data) body = body.data;
      callback(err, body);
    });
  };

  getTempKeys(function(err: any, tempKeys: any) {
    if (err) {
      console.log('file err');
      return;
    } else {
      res.json({
        code: 200,
        data: tempKeys,
        msg: 'success',
      });
    }
  });
});

module.exports = router;
